Skip to main content

More than a thousand coronavirus-related phishing domains still registered every day

(Image credit: Image source: Shutterstock/wk1003mike)

One way to monitor the progress of the Covid-19 pandemic is to track what cybercriminals are up to. According to a new report from ProPrivacy, approximately 1,200 new Covid-19-related domains are still registered every day, many of which are  linked to malicious phishing and spear-phishing campaigns.

While down from the peak volume, the number of new coronavirus-related domains indicate that cybercriminals are still successfully preying on fears surrounding the pandemic.

However, the specific lures appear be shifting as the pandemic progresses. While two months ago “mask” and “covid” were the most prominent keywords, newly created domains target keywords such as “unemployment”, “welfare benefits” and “US stimulus package”.

The report, based on an analysis of more than 600,000 domains, claims that attacks are growing increasingly sophisticated and nuanced - and are also much harder to track.

“It would be easy to look at the overall trend and conclude that phishing activity related to the pandemic has simply fizzled out, but that’s not an accurate assessment,” said Sean McGrath, who headed up the research project.

“These malicious campaigns have moved underground and are now addressing our most intimate concerns. When will my children return to school? Will I lose my job? It is these - truly human - questions that will fuel the 'second peak' of malicious activity. This is the next battlefront in the digital pandemic.”